CVE-2008-3698

VMware <6.0.5-1.0.8 - Privilege Escalation

Title source: llm
STIX 2.1

Description

Unspecified vulnerability in the OpenProcess function in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 on Windows allows local host OS users to gain privileges on the host OS via unknown vectors.

References (16)

Core 16
Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2466
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/30936
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/495869/100/0/threaded
Third Party Advisory mailing-list x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1020790
Patch, Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31707
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4202

Scores

EPSS 0.0009
EPSS Percentile 25.8%

Details

CWE
CWE-264
Status published
Products (4)
vmware/ace 1.0 - 1.0.7
vmware/player 1.0.0 - 1.0.8
vmware/server < 1.0.7
vmware/workstation 5.5 - 5.5.8
Published Sep 03, 2008
Tracked Since Feb 18, 2026